| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 07 May 2024 22:48:26 +0200
From: "Arnd Bergmann" <arnd@...db.de>
To: "Thorsten Blum" <thorsten.blum@...lux.com>,
"Srinivas Kandagatla" <srinivas.kandagatla@...aro.org>,
"Amol Maheshwari" <amahesh@....qualcomm.com>,
"Greg Kroah-Hartman" <gregkh@...uxfoundation.org>
Cc: linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] misc: fastrpc: Use memdup_user()
On Tue, May 7, 2024, at 22:12, Thorsten Blum wrote:
> Switching to memdup_user() overwrites the allocated memory only once,
> whereas kzalloc() followed by copy_from_user() initializes the allocated
> memory to zero and then immediately overwrites it.
>
> Fixes the following Coccinelle/coccicheck warning reported by
> memdup_user.cocci:
>
> WARNING opportunity for memdup_user
>
> Signed-off-by: Thorsten Blum <thorsten.blum@...lux.com>
The patch looks correct to me.
> ---
> drivers/misc/fastrpc.c | 11 +++--------
> 1 file changed, 3 insertions(+), 8 deletions(-)
>
> diff --git a/drivers/misc/fastrpc.c b/drivers/misc/fastrpc.c
> index 4c67e2c5a82e..2857cddaf812 100644
> --- a/drivers/misc/fastrpc.c
> +++ b/drivers/misc/fastrpc.c
> @@ -1259,17 +1259,12 @@ static int
> fastrpc_init_create_static_process(struct fastrpc_user *fl,
> goto err;
> }
>
> - name = kzalloc(init.namelen, GFP_KERNEL);
> - if (!name) {
> - err = -ENOMEM;
> + name = memdup_user((void __user *)(uintptr_t)init.name, init.namelen);
> + if (IS_ERR(name)) {
> + err = PTR_ERR(name);
> goto err;
> }
There is also a chance to simplify this further using u64_to_user_ptr()
instead of the double cast if you want.
Acked-by: Arnd Bergmann <arnd@...db.de>
Arnd
Powered by blists - more mailing lists